OpenArgue: Supporting argumentation to evolve secure software systems

Abstract

When software systems are verified against security requirements, formal and informal arguments provide a structure for organizing the software artifacts. Our recent work on the evolution of security-critical software systems demonstrates that our argumentation technique is useful in limiting the scope of change and in identifying changes to security properties. In support of this work, we have developed OpenArgue, a tool for syntax checking, visualizing, formalizing, and reasoning about incremental arguments. OpenArgue has been integrated with requirements engineering tools for Problem Frames and i∗, and applied to an Air Traffic Management (ATM) case study.